Cyber Security Engineer with Splunk

Position: Cyber Security Engineer (L3)

Location: Remote

Experience Level: 5+ Years

Job Type: Full-time

Job Summary:

This role will lead the development and implementation of intelligent security solutions using SIEM, SOAR, and machine learning to enhance detection, response, and operational efficiency across the enterprise.

Key Responsibilities

* Design, implement, and manage enterprise SIEM (Splunk) solutions for centralized log analysis and real-time event monitoring.

* Develop and fine-tune correlation rules, alerts, dashboards, and use cases to detect anomalous and malicious activity.

* Lead data ingestion and normalization from varied enterprise systems (e.g., cloud workloads, endpoints, network devices).

* Develop and maintain SOAR playbooks to automate incident detection, triage, response, and recovery.

* Optimize SOAR workflows and integrations with security infrastructure to reduce MTTD/MTTR.

* Build and apply machine learning models to identify security anomalies, enrich event context, and predict threats.

* Collaborate with Security Operations Center (SOC), DevOps, IT, and business units to align security automation with business goals.

* Analyze incident data to uncover trends and provide recommendations for improving controls and detection.

* Maintain detailed documentation for playbooks, integrations, automation processes, and incident response protocols.

* Stay abreast of industry trends and emerging tools to continually advance detection and automation strategies.

* Mentor junior engineers and assist in promoting SOAR and SIEM best practices across the team.

Required Qualifications

* 4+ years of experience in cybersecurity engineering, including SIEM (Splunk), SOAR, and machine learning-based threat detection.

* 3+ years of experience in security automation using platforms such as Splunk SOAR, XSOAR, Swimlane, or similar.

* 3+ years in cyber data engineering or analytics: log processing, enrichment, and telemetry pipelines.

* Expertise in scripting languages like Python and PowerShell, and using REST APIs for integrations.

* Proven experience designing and deploying security automation workflows in enterprise environments.

* Bachelor's degree in Computer Science, Information Security, Engineering, or related field-or equivalent experience.

* Ability to troubleshoot complex security issues and integrate with diverse platforms.

* Strong communication and collaboration skills to work with technical and non-technical stakeholders.

Preferred Qualifications

* Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud Platform.

* Familiarity with cloud-native security tooling, telemetry pipelines, and serverless security design patterns.

* Experience working within Agile environments and cross-functional DevSecOps teams.

* Knowledge of change management processes, compliance frameworks (e.g., NIST, ISO), and regulatory constraints in financial services.

Why Join This Engagement?

* Help build the next generation of cybersecurity automation for a major financial institution.

* Work with cutting-edge security architecture in a cloud-first, data-driven environment.

• * Contribute to industry-leading practices in SOAR, ML-driven detection, and incident response automation.